Windows Server – Disable Password Complexity

KB ID 0000324


If you are unsure what password complexity is click here. Bear in mind that it’s there for valid security reason, the more complex your passwords are, the more secure your network is. However the vast majority of users can even remember where they saved their last Word document, never mind a complex password that changes every 30 days.

windows cannot set the password

If your data is not the sort of data that Tom Cruise would abseil down from a sky light to steal, and more like the kind of data that’s mundane and uninteresting, then security might not be your greatest concern.


Note: Prior to Server 2008 (that’ll be Server 2003 and earlier then) you could only have one password policy, and this applies to the entire domain. To get multiple password policies in older domains you had to create “sub-domains”. With 2008 you can have different password polices, I’m assuming if you have the knowledge of how to create fine grained password policies, then you wont be reading this anyhow, for everyone else there’s Mastercard – well that, and the default domain policy.

1. On a domain controller , Start > Administrative Tools > Group Policy Management > Expand Forest > Domains > {your domain name} > Right click Default Domain Policy > Edit.

2. Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Account Policies > Password Policy > “Password must meet complexity requirements”.

password complexity

Note some other policies may be of use here – like password length password history etc.

3. Change the policy definition to “Disabled” (note just un ticking the “Define this policy setting” will NOT work) > Apply > OK > Exit the group policy management console.

pasword policy

4. To refresh the policy > Start > cmd > issue the following command,

gpupdate /force

force policy update


Related Articles, References, Credits, or External Links


Author: Migrated

Share This Post On